Search Results

Search found 95574 results on 3823 pages for 'mac osx server'.

Page 1810/3823 | < Previous Page | 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 | Next Page >

Options for PCI-DSS on AWS - file integrity monitoring and intrusion detection

- by Brill Pappin

I need to deploy some file integrity monitoring and intrusion detections software on AWS instances. I really wanted to use OSSEC, however it does not work well in an environment where servers can auto deploy and shut down based on load, because it requires server managed keys to be generated. Including the agent in the AMI will not allow monitoring as soon as it comes up because of that. There are many options out there, and several are listed in other posts on this site, however none that I've seen so far deal with the unique problems inherent in AWS or cloud based deployments in general. Can anyone point me at some products, preferably open source, that we might use to cover those portions of PCI DSS that require this software? Has anyone else achieved this on AWS?

Read the article
Jail Linux user to directory for FTP login

- by Greg

I'm planning on using vsftpd to act as a secure ftp server, but I am having difficulty controlling the linux users that will be used as ftp logins. The users are required to be "jailed" into a specific directory (and subdirectories) and have full read/write access. Requirements: - User account "admin_ftp" should be jailed to /var/www directory. - Other accounts will be added as needed, for each site... e.g: - User account "picturegallery_ftp" should be jailed to /var/www/picturegallery.com directory. I have tried the following, but to no avail: # Group to store all ftp accounts in. groupadd ftp_accounts # Group for single user, with the same name as the username. groupadd admin_ftp useradd -g admin_ftp -G ftp_accounts admin_ftp chgrp -R ftp_accounts /var/www chmod -R g+w /var/www When I log into FTP using account admin_ftp, I am given the error message: 500 OOPS: cannot change directory:/home/admin_ftp But didn't I specify the home directory? Extra internets for a guide how to do this specifically for vsftpd :)

Read the article
SPF include: too many IP addresses

- by sprezzatura

I've hit a snag with SPF. The SPF record for my domain will contain four or five entries, plus it will contain: include:sgizmo.com The SPF record for sgizmo.com contains eleven entries! This, plus mine, is way over the maximum ten allowed by the RFC (and probably by most servers). I realize that there has to be a limit in order to prevent DoS attacks. However, in the real world, it is probably not unreasonable for large companies to have many server addresses. Furthermore, must I know monitor my 'include:' counterparts for changes and additions? Must I check weekly, daily, to insure that some combination of changes doesn't suddenly put me over the top? It doesn't seem to me that SPF is suitable for prime time. Is there another way to do this?

Read the article
HTTP traffic through PIX VPN from outside site

- by fwrawx

I have a remote site with a website that only allows access from the outside IP assigned to our local PIX. I have users connecting to the local networking using a VPN that need to be able to view this remote site. I don't think this works because the packets want to come in and go out over the same (ext) interface. So I'm looking for a way to make this work using the PIX or setting up a service on a server on the local network to act as a middle-man for the HTTP requests. The remote site doesn't support setting up a VPN to our PIX. The remote website is dishing out pages over a non-standard port. Can I use squid or something similar to proxy just one site?

Read the article
How to stop syslog from listening to 514 on CentOS 5.8

- by Jim

I have a CentOS 5.8 machine (with regular syslog) that for some reason is listening to port 514, even though it is not started with "-r" (to receive remote syslog messages). # netstat -tulpn | grep 514 udp 0 0 0.0.0.0:514 0.0.0.0:* 2698/syslogd Syslog is started with only "-m 0": ps -ef | grep syslogd root 2698 1 0 15:55 ? 00:00:00 syslogd -m 0 I have tried starting it with "-m 0 -r", just to check if there was any difference, but there is not. This machine is a client and should only log to a central log server - it should not be listening itself. What am I missing?

Read the article
Network access to VM only from host ...

- by Jamie

I'm trying to do some testing of Ubuntu 10.04 Beta 2 Server in a VMWare environment. The host is XP, and the VM software is VMPlayer. Problem is, I want to be able to see the VM from the network, not just from the host. I can SSH into the VM from the host, but from any other machine on the network I can't even get the VM to respond to a ping. Going the other way (from the VM out) isn't a problem at all. The VM software did an 'easy installer' so I'm not really sure what was going on with the networking. Suggestions?

Read the article
Mysql Error 2002 (HY000) on Snow Leopard

- by Ole Media

My boss update my computer to Snow Leopard, after the update we had a set back and deleted a few files/folders, since then is just nightmare after another one. I finally getting things back but I'm still having problems with MySQL. This is what I did: Deleted ALL of mysql files/folders Download and installed the packages mysql-5.1.45-osx10.6-x86_64.dmg installed the Startup item and the preferences panel After the above, I tried to start MySQL from the preferences panel without luck, and running the following command from Terminal /usr/local/mysql/bin/mysql I get the following result ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) I looked at some other post for possible solutions, but what they does not exactly fits my problem, so I cannot find a solution. I'm new to all this and your help will be much appreciated.

Read the article
Why is Internet access and Wi-Fi always so terrible at large tech conferences?

- by Joel Spolsky

Every tech conference I've ever been to, and I've been to a lot, has had absolutely abysmal Wi-Fi and Internet access. Sometimes it's the DHCP server running out of addresses. Sometimes the backhaul is clearly inadequate. Sometimes there's one router for a ballroom with 3000 people. But it's always SOMETHING. It never works. What are some of the best practices for conference organizers? What questions should they ask the conference venue or ISP to know, in advance, if the Wi-Fi is going to work? What are the most common causes of crappy Wi-Fi at conferences? Are they avoidable, or is Wi-Fi simply not an adequate technology for large conferences?

Read the article
Severe latency only on one machine and only when accessing intranet site

- by Joe M.

I have one desktop machine that is having consistently high latency only when trying to load a page from an intranet site. Using the Chrome Developer Tools, the site shows a "Waiting" time of 4-5 seconds each page load. Other machines have <50ms, and the problem machine loads regular internet sites with <1s latency, so the problem is only on one machine and only when accessing the intranet site. This is a small business and all the hosts are on 192.168.0.1/24 I would have suspected a connection issue with the problem machine but normal internet sites are not having latency. Then I would have looked at connection issues with the intranet web server but other machines are not having latency to it. What else can I look at to troubleshoot this?

Read the article
Why shibboleth IdP idp-metadata.xml recommends 8443 for SOAP?

- by toma

After the install.sh of 2.4.0 Shibboleth Identity Server, the idp-metadata.xml file is created. Why is that? Is not enough secure to use the standard HTTPS/443 port? <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/SLO" /> <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> Thanks, Tamas

Read the article
Modern open source NIDS/HIDS and consoles?

- by MattC

Years back we set up an IDS solution by placing a tap in front of our exterior firewall, piping all the traffic on our DS1 through an IDS box and then sending the results off to a logging server running ACiD. This was around 2005-ish. I've been asked to revamp the solution and expand on it and looking around, I see that the last release of ACiD was from 2003 and I can't seem to find anything else that seems even remotely up-to-date. While these things may be feature complete, I worry about library conflicts, etc. Can anyone give me suggestions for a Linux/OpenBSD based solution using somewhat modern tools? Just to be clear, I know that Snort is still actively developed. I guess I'm more in the market for a modern open-source web console to consolidate the data. Of course if people have great experiences with IDS' other than Snort I'm happy to hear about it.

Read the article
How Do I Change the Windows7 LAN Proxy Config from the Command Line

- by david.barkhuizen

In Windows7, Is it possible to define/change the proxy config from the command line ? So, using the gui, I would go: Start Control Panel Network and Internet Internet Options Connections LAN Settings and then - enable/disable the proxy - define IP:port of proxy server But I would like to rather do this from the command line (so that I can run the command from a batch-file with a shortcut key - enabling me to switch proxy configs using a short-cut, rather than having to wade through the MS wizard). I've looked at using netsh.exe to change the settings for WinHTTP, but this seems to be thr wrong thing to do, as the WinHTTP setting do not appear to be related to the LAN settings. Much appreciated folks.

Read the article
HP Proliant DL360 G5 + MSA50 RAID Setup recommendations

- by JohnRB

I am running a HP Proliant DL360 2 x 3GHz Xeon 16GB Ram P400 integrated RAID card with 6 x 73GB SAS HDDs running Ubuntu Server 14.04 CLI only. I recently got my hands on a MSA50 SAS Enclosure (10 x SAS HDD bays w/ SAS in/out interface) and wondering what you guys recommended as far as an addon raid controller for one of the pciex slots. I have both slots free Full and Half sizes. Any suggestions are greatly appreciated, I am an I.T. Consultant but have not used these particular units before so I was hoping to hear from someone who has. Thanks!

Read the article
why do i get an SPF Softfail?

- by johnlai2004

I installed SPF on my LAMP server with postfix. But for some reason, I get this error Received-SPF: softfail (mta1070.mail.re4.yahoo.com: domain of transitioning [email protected] does not designate 1.1.1.1 as permitted sender) I have two questions: 1) how do I trouble shoot this error 2) I've been looking through my configuration files in an attempt to change [email protected] to [email protected] because anotherurl.com has the correct SPF TXT records. Where do i go to change this? I tried editing myhostname under /etc/postfix/main.cf, but it didn't do anything.

Read the article
What parameters to mdadm, to re-create md device with payload starting at 0x22000 position on backing storage?

- by Adam Ryczkowski

I try to recover from mdadm raid disaster, which happened when moving from ubuntu server 10.04 to 12.04. I know the correct order of devices from dmesg log, but given this information, I still cannot access the data. The superblocks look messy; the mdadm --examine for each disk is on this question on askubuntu By inspecting the raw contents of backing storage, I found the beginning of my data (the LUKS container in my case) at position 0x22000 relative to the beginning of the first partition in the raid. Question: What is the combination of options issued to "mdadm --create" to re-create mdadm that starts with the given offset? Bitmap size? PS. The relevant information from syslog when the system was healthy are pasted here.

Read the article
Wordpress Blank White Page for Login

- by HollerTrain

When I go to the /wp-login.php portion of my Wordpress site I get a blank white screen. In fact, throughout the entire domain I get blank white screen. Also, I can't even connect to the server via FTP (tried with other FTP accts to make sure not FTP client). Is this an issue with the host or my WP? Not even sure how to fix it if it's on my end cuz I can't even login to FTP or to the Admin Dashboard! Any help = appreciated.

Read the article
Qmail Installation CentosI386

- by tike

I was trying to install qmailtoster in my centos server, i did all of the following not for once but repetitively as i got error and continued but i felt i need some help. i did follow all the steps of this wiki documentation. http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install#Begin_Install followed all procedure when i came in a point to install i always got this error. cnt50-install-script.sh: line 80: rpmbuild: command not found error: File not found by glob: /usr/src/redhat/RPMS/i386/daemontools-toaster*.rpm Installing ucspi-tcp-toaster . . . Shall we continue? (yes, skip, quit) [y]/s/q: cnt50-install-script.sh.4: line 90: rpmbuild: command not found error: File not found by glob: /usr/src/redhat/RPMS/i386/ucspi-tcp-toaster*.rpm Installing vpopmail-toaster . . . Shall we continue? (yes, skip, quit) [y]/s/q: any suggestions please?

Read the article
What settings need to be changed to allow EC2 instances to use Amazon's Route 53 for DNS?

- by ks78

I have a number of Amazon EC2 instances, all running Ubuntu, which I'd like to configure to use Amazon's Route 53. I setup a script, following Shlomo Swidler's article, but ran into script-related issues, which were answered here. Now, I have the script working, but my instances are still not able to access Route 53's DNS. By this I mean, they are not able to resolve hostnames to IP addresses. My instances are currently configured with the DNS server IP address Amazon pushes out to them by default, does that need to be changed when using Route 53? I'm also IP-restricting my instances using the Security Groups. Could that be the problem? Is there a certain IP address or port I should open to allow communication with Route 53? It seems that DNS requests should be originating from my instances so the Security Groups shouldn't be an issue, but I've been wrong before. If anyone has any ideas, I'd really appreciate it.

Read the article
Cant deploy "war" file from Virtual Hosts, see a directory listing.

- by Kaustubh P

This is my httpd.conf configured with Virtual hosts: NameVirtualHost *:80 <VirtualHost *:80> ServerName http://foo.baz.in DocumentRoot /var/www/foo/ </VirtualHost> <VirtualHost *:80> ServerName http://bar.baz.in DocumentRoot /var/www/ </VirtualHost> The second virtual host is a Wordpress blog, configured with .htaccess, and index.php in the root i.e. /var/www, and rest of the files in wordpress's own folder. However, the first virtual host is a "war" file, and when I goto foo.baz.in, I see the directory listing, containing the war. I also tried changing the DocumentRoot to /var/www/foo/foo.war` but I get an error Restarting web server: apache2Warning: DocumentRoot [/var/www/foo/foo.war] does not exist I also changed the owner and permission of the war to www-data:www-data and changed the permissions to 755, but to no avail. How do I make apache deploy my "war"? Thanks.

Read the article
How can I receive more traffic? My VPS fails!!!

- by Vic

I have a web site - photo gallery. About 400 photos. Site on Gallery 3. mySQL. Hosted on VPS from myhosting.com (CPU 1792 MHz, 2048 MB RAM). Everything seems to be ok, but there is one big problem. Once traffic reaches ~ 20 people (online) - website start loading really really slow. Actually website can't be loaded about 30-60 sec. What should I do? Buy more RAM / CPU on the same VPS? Move to a dedicated server or maybe myhosting.com just sucks? What do you recommend?

Read the article
Nxlog Multiline Input to 1 Syslog Message

- by Eric

I am using nxlog to tail a custom log file on one of my Windows servers. Each entry in the text file looks similar to this. =================================================================================================================== 1/14/2014 3:08:48 PM DOMAIN\user1 adding group member... Domain: blah Group: TestGroup Member: CN=Joe Bob,CN=Users,DC=blah,DC=ARG,DC=com 1/14/2014 3:08:48 PM 1 member added.<br> ================================================================================================ I'm trying to send this log to my syslog server and I want to combine these multiple lines to 1 line so I can easily grep/search for specific users or groups. I've read some of the documentation on nxlog's website regarding multiline but haven't found a specific config to put them all in 1 entry with a syslog header. Thanks, Eric

Read the article
DBD::mysql gives mysql_init not found

- by highBandWidth

I have to install a non-admin copy of mysql and perl module DBD::mysql in my home directory. I installed mysql in ~/software/db/mysql and this works since I can start and stop the server and go to the mysql prompt. Then, I downloaded the perl module and installed it using perl Makefile.PL PREFIX=~/myperl/ LIB=~/myperl/lib/lib64/perl5/ --mysql_config=/my_home/software/db/mysql/bin/mysql_config --libs=/myhome/software/db/mysql/lib/libmysqlclient.a make make install I did this to use the statically linked mysql client library. perl -MDBD::mysql -e 1 gives no errors. However, when I actually try to use the module, I get /usr/bin/perl: symbol lookup error: /myhome/myperl/lib/lib64/perl5/x86_64-linux-thread-multi/auto/DBD/mysql/mysql.so: undefined symbol: mysql_init

Read the article
Test site speed

- by Elad Lachmi

I am test driving an Akmai CDN architecture and before committing to buy, I would like to gauge the real performance gain from the acceleration feature. What would be the best MO for doing speed tests from different locations around the world? I would like to test the page load speed and not just the server response time. I would like to test speed from as many edge locations as possible. I do not mind a paid service as well, if it is optimal. Thank you!

Read the article
How to exclude a specific URL from basic authentication in Apache?

- by ripper234

Two scenarios: Directory I want my entire server to be password-protected, so I included this directory config in my sites-enabled/000-default: <Directory /> Options FollowSymLinks AllowOverride None AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/apache2/passwords Require user someuser </Directory> The question is how can I exclude a specific URL from this? Proxy I found that the above password protection doesn't apply to mod_proxy, so I added this to my proxy.conf: <Proxy *> Order deny,allow Allow from all AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/apache2/passwords Require user someuser </Proxy> How do I exclude a specific proxied URL from the password protection? I tried adding a new segment: <Proxy http://myspecific.url/> AuthType None </Proxy> but that didn't quite do the trick.

Read the article
how can I git-revise configs in my /etc/ dir? (sudo has different keys..)

- by Dean Rather

I'd like to keep some of the folders in my /etc/ dir git-revised, cause I'm quite new to server administration and am constantly messing around in my /etc/nginx/ and /etc/bind/ directories. I've heard of people git-revising their either /etc/ directories, but that seems a bit like overkill, as at this point I'm only messing in those 2 subdirectories. The problem I'm having is that if I sudo my git operations, I don't have the right pubkeys to push to my remote repo (bitbucket). But if I don't sudo, I need to mess around with all the permissions (again, not very pro at this). Does anyone know best practices for managing their configs? or how I should solve this problem? Thanks, Dean. PS. It's Ubuntu 12.04, Git, nginx, bind9, amazon aws, bitbucket...

Read the article

< Previous Page | 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 | Next Page >